March 8 'Internet Doomsday' threat

Posted: Updated:

PHOENIX -- Last November the FBI arrested six men in Estonia who were part of a sophisticated Internet fraud ring responsible for infecting millions of computers around the world.

The arrests and the FBI's subsequent actions have led to reports that an 'Internet Doomsday' will take place on March 8, 2012.  While the term 'doomsday' may be a bit sensational, it is true that millions of users could lose their ability to go online later this month, but don't blame the FBI.

The Estonian criminals used a type of malware called DNSChanger to infect nearly 4 million computers in over 100 countries.

When a computer is infected by the DNSChanger Trojan, the criminals can hijack the infected computer's Domain Name System (DNS), which allows them to redirect unsuspecting users to rogue websites that they control. By the time the FBI shut them down, officials say the thieves had managed to generate at least $14 million in illicit fees.

As a precautionary measure, a federal court order allowed the FBI temporarily replaced the criminal's rogue servers with legitimate servers.  This was intended to give users around the world some time to remove the malicious software from their computers.

The court order allowed the FBI's replacement servers to stay online for 120 days.  That original 120 day period ends on March 8, 2012, however, experts believe millions of computers are still infected, which is where the 'Internet Doomsday' phrase comes into the picture.

The FBI has asked the court to extend the order until July 9, 2012, which will give users an additional 120 days to get their computer's cleaned up, essentially postponing the doomsday threat. 

Resources for Avoiding the Internet Doomsday Threat